Merge branch 'v2.5' into monoorigin/mono

Conflicts:
	src/DotNetOpenId/Properties/AssemblyInfo.cs
	src/DotNetOpenId/RelyingParty/AuthenticationResponse.cs

7 files changed, 273 insertions, 0 deletions

diff --git a/src/DotNetOpenId.Test/UI/IdentityEndpointTest.cs b/src/DotNetOpenId.Test/UI/IdentityEndpointTest.cs
new file mode 100644
index 0000000..89ec02a
--- /dev/null
+++ b/src/DotNetOpenId.Test/UI/IdentityEndpointTest.cs
@@ -0,0 +1,41 @@
+using System;

+using System.Collections.Generic;

+using System.Text;

+using NUnit.Framework;

+using System.IO;

+using System.Diagnostics;

+using DotNetOpenId.Test.Hosting;

+using System.Text.RegularExpressions;

+using System.Net;

+using System.Globalization;

+

+namespace DotNetOpenId.Test.UI {

+	[TestFixture]

+	public class IdentityEndpointTest {

+		void parameterizedIdentityEndpointPage(ProtocolVersion version) {

+			Protocol protocol = Protocol.Lookup(version);

+			TestSupport.Scenarios scenario = TestSupport.Scenarios.AutoApproval;

+			Identifier identityUrl = TestSupport.GetIdentityUrl(scenario, version);

+			string html = UITestSupport.Host.ProcessRequest(identityUrl);

+			TestSupport.Logger.InfoFormat("{0} response:{1}{2}", identityUrl, Environment.NewLine, html);

+			Assert.IsTrue(Regex.IsMatch(html, string.Format(CultureInfo.InvariantCulture,

+				@"\<link rel=""{1}"" href=""http://[^/]+/{0}""\>\</link\>",

+				Regex.Escape(TestSupport.ProviderPage),

+				Regex.Escape(protocol.HtmlDiscoveryProviderKey))));

+			Assert.IsTrue(Regex.IsMatch(html, string.Format(CultureInfo.InvariantCulture,

+				@"\<link rel=""{1}"" href=""http://[^/]+{0}""\>\</link\>",

+				Regex.Escape(new Uri(TestSupport.GetDelegateUrl(scenario).ToString()).AbsolutePath),

+				Regex.Escape(protocol.HtmlDiscoveryLocalIdKey))));

+		}

+

+		[Test]

+		public void IdentityEndpoint20Page() {

+			parameterizedIdentityEndpointPage(ProtocolVersion.V20);

+		}

+

+		[Test]

+		public void IdentityEndpoint11Page() {

+			parameterizedIdentityEndpointPage(ProtocolVersion.V11);

+		}

+	}

+}

diff --git a/src/DotNetOpenId.Test/UI/OpenIdMobileTextBoxTest.cs b/src/DotNetOpenId.Test/UI/OpenIdMobileTextBoxTest.cs
new file mode 100644
index 0000000..7ab78c6
--- /dev/null
+++ b/src/DotNetOpenId.Test/UI/OpenIdMobileTextBoxTest.cs
@@ -0,0 +1,16 @@
+using System;

+using System.Collections.Generic;

+using System.Linq;

+using System.Text;

+using NUnit.Framework;

+

+namespace DotNetOpenId.Test.UI {

+	[TestFixture]

+	public class OpenIdMobileTextBoxTest {

+		[Test]

+		public void TextBoxAppears() {

+			string html = UITestSupport.Host.ProcessRequest(TestSupport.MobileConsumerPage);

+			Assert.IsTrue(html.Contains("<input "));

+		}

+	}

+}

diff --git a/src/DotNetOpenId.Test/UI/OpenIdTextBoxTest.cs b/src/DotNetOpenId.Test/UI/OpenIdTextBoxTest.cs
new file mode 100644
index 0000000..4012a05
--- /dev/null
+++ b/src/DotNetOpenId.Test/UI/OpenIdTextBoxTest.cs
@@ -0,0 +1,17 @@
+using System;

+using System.Collections.Generic;

+using System.Text;

+using NUnit.Framework;

+using DotNetOpenId.Test.Hosting;

+using System.Net;

+

+namespace DotNetOpenId.Test.UI {

+	[TestFixture]

+	public class OpenIdTextBoxTest {

+		[Test]

+		public void TextBoxAppears() {

+			string html = UITestSupport.Host.ProcessRequest(TestSupport.ConsumerPage);

+			Assert.IsTrue(html.Contains("<input "));

+		}

+	}

+}

diff --git a/src/DotNetOpenId.Test/UI/ProviderEndpointTest.cs b/src/DotNetOpenId.Test/UI/ProviderEndpointTest.cs
new file mode 100644
index 0000000..6da933a
--- /dev/null
+++ b/src/DotNetOpenId.Test/UI/ProviderEndpointTest.cs
@@ -0,0 +1,38 @@
+using System;

+using System.Collections.Generic;

+using System.Text;

+using NUnit.Framework;

+using DotNetOpenId.Test.Hosting;

+using DotNetOpenId.Provider;

+using System.Net;

+

+namespace DotNetOpenId.Test.UI {

+	[TestFixture]

+	public class ProviderEndpointTest {

+		[Test]

+		public void Ctor() {

+			ProviderEndpoint pe = new ProviderEndpoint();

+		}

+

+		[Test]

+		public void SimpleEnabled() {

+			ProviderEndpoint pe = new ProviderEndpoint();

+			Assert.IsTrue(pe.Enabled);

+			pe.Enabled = false;

+			Assert.IsFalse(pe.Enabled);

+		}

+

+		[Test]

+		public void OrdinaryHTTPRequest() {

+			Uri pe = TestSupport.GetFullUrl(TestSupport.ProviderPage);

+			HttpWebRequest req = (HttpWebRequest)WebRequest.Create(pe);

+			req.AllowAutoRedirect = false;

+			HttpWebResponse resp = (HttpWebResponse)req.GetResponse();

+			Assert.AreEqual(HttpStatusCode.OK, resp.StatusCode);

+			Assert.AreEqual("text/html; charset=utf-8", resp.ContentType);

+		}

+

+		// Most other scenarios for the endpoint control are tested by our 

+		// end-to-end testing.

+	}

+}

diff --git a/src/DotNetOpenId.Test/UI/TestSupportSanityTest.cs b/src/DotNetOpenId.Test/UI/TestSupportSanityTest.cs
new file mode 100644
index 0000000..e84625b
--- /dev/null
+++ b/src/DotNetOpenId.Test/UI/TestSupportSanityTest.cs
@@ -0,0 +1,32 @@
+using System;

+using System.Collections.Generic;

+using System.Text;

+using NUnit.Framework;

+using System.Net;

+using System.Globalization;

+using System.IO;

+using System.Diagnostics;

+using System.Text.RegularExpressions;

+

+namespace DotNetOpenId.Test.UI {

+	[TestFixture]

+	public class TestSupportSanityTest {

+		[Test]

+		public void TestHost() {

+			string query = "a=b&c=d";

+			string body = "aa=bb&cc=dd";

+			string resultHtml = UITestSupport.Host.ProcessRequest(TestSupport.HostTestPage + "?" + query, body);

+

+			Assert.IsFalse(string.IsNullOrEmpty(resultHtml));

+			Debug.WriteLine(resultHtml);

+			Assert.IsTrue(Regex.IsMatch(resultHtml, @"Query.*" + Regex.Escape(query)));

+			Assert.IsTrue(Regex.IsMatch(resultHtml, @"Body.*" + Regex.Escape(body)));

+		}

+

+		[Test]

+		public void TestProviderPage() {

+			string html = UITestSupport.Host.ProcessRequest(TestSupport.ProviderPage);

+			Assert.IsFalse(string.IsNullOrEmpty(html));

+		}

+	}

+}

diff --git a/src/DotNetOpenId.Test/UI/UITestSupport.cs b/src/DotNetOpenId.Test/UI/UITestSupport.cs
new file mode 100644
index 0000000..40d169a
--- /dev/null
+++ b/src/DotNetOpenId.Test/UI/UITestSupport.cs
@@ -0,0 +1,26 @@
+using System;

+using System.Collections.Generic;

+using System.Linq;

+using System.Text;

+using NUnit.Framework;

+using DotNetOpenId.Test.Hosting;

+

+namespace DotNetOpenId.Test.UI {

+	[SetUpFixture]

+	public class UITestSupport {

+		internal static AspNetHost Host { get; private set; }

+

+		[SetUp]

+		public void SetUp() {

+			Host = AspNetHost.CreateHost(TestSupport.TestWebDirectory);

+		}

+

+		[TearDown]

+		public void TearDown() {

+			if (Host != null) {

+				Host.CloseHttp();

+				Host = null;

+			}

+		}

+	}

+}

diff --git a/src/DotNetOpenId.Test/UI/WebControlTesting.cs b/src/DotNetOpenId.Test/UI/WebControlTesting.cs
new file mode 100644
index 0000000..2ec010f
--- /dev/null
+++ b/src/DotNetOpenId.Test/UI/WebControlTesting.cs
@@ -0,0 +1,103 @@
+using System;

+using System.Collections.Generic;

+using System.Linq;

+using System.Text;

+using NUnit.Framework;

+using DotNetOpenId.RelyingParty;

+using System.Net;

+using System.Collections.Specialized;

+using System.IO;

+using System.Text.RegularExpressions;

+using System.Diagnostics;

+

+namespace DotNetOpenId.Test.UI {

+	[TestFixture]

+	public class WebControlTesting {

+		void parameterizedWebClientTest(Identifier identityUrl,

+			AuthenticationRequestMode requestMode, AuthenticationStatus expectedResult) {

+

+			Uri redirectToProviderUrl;

+			HttpWebRequest rpRequest = (HttpWebRequest)WebRequest.Create(TestSupport.GetFullUrl(TestSupport.ConsumerPage));

+			NameValueCollection query = new NameValueCollection();

+			using (HttpWebResponse response = (HttpWebResponse)rpRequest.GetResponse()) {

+				using (StreamReader sr = new StreamReader(response.GetResponseStream())) {

+					Regex regex = new Regex(@"\<input\b.*\bname=""(\w+)"".*\bvalue=""([^""]+)""", RegexOptions.IgnoreCase);

+					while (!sr.EndOfStream) {

+						string line = sr.ReadLine();

+						Match m = regex.Match(line);

+						if (m.Success) {

+							query[m.Groups[1].Value] = m.Groups[2].Value;

+						}

+					}

+				}

+			}

+			query["OpenIdTextBox1$wrappedTextBox"] = identityUrl;

+			rpRequest = (HttpWebRequest)WebRequest.Create(TestSupport.GetFullUrl(TestSupport.ConsumerPage));

+			rpRequest.Method = "POST";

+			rpRequest.AllowAutoRedirect = false;

+			string queryString = UriUtil.CreateQueryString(query);

+			rpRequest.ContentLength = queryString.Length;

+			rpRequest.ContentType = "application/x-www-form-urlencoded";

+			using (StreamWriter sw = new StreamWriter(rpRequest.GetRequestStream())) {

+				sw.Write(queryString);

+			}

+			using (HttpWebResponse response = (HttpWebResponse)rpRequest.GetResponse()) {

+				using (StreamReader sr = new StreamReader(response.GetResponseStream())) {

+					string doc = sr.ReadToEnd();

+					Debug.WriteLine(doc);

+				}

+				redirectToProviderUrl = new Uri(response.Headers[HttpResponseHeader.Location]);

+			}

+

+			HttpWebRequest providerRequest = (HttpWebRequest)WebRequest.Create(redirectToProviderUrl);

+			providerRequest.AllowAutoRedirect = false;

+			Uri redirectUrl;

+			try {

+				using (HttpWebResponse providerResponse = (HttpWebResponse)providerRequest.GetResponse()) {

+					Assert.AreEqual(HttpStatusCode.Redirect, providerResponse.StatusCode);

+					redirectUrl = new Uri(providerResponse.Headers[HttpResponseHeader.Location]);

+				}

+			} catch (WebException ex) {

+				TestSupport.Logger.Error("WebException", ex);

+				if (ex.Response != null) {

+					using (StreamReader sr = new StreamReader(ex.Response.GetResponseStream())) {

+						TestSupport.Logger.ErrorFormat("Response stream follows: {0}", sr.ReadToEnd());

+					}

+				}

+				throw;

+			}

+			rpRequest = (HttpWebRequest)WebRequest.Create(redirectUrl);

+			rpRequest.AllowAutoRedirect = false;

+			using (HttpWebResponse response = (HttpWebResponse)rpRequest.GetResponse()) {

+				Assert.AreEqual(HttpStatusCode.Redirect, response.StatusCode); // redirect on login

+			}

+

+			// Try replay attack

+			if (expectedResult == AuthenticationStatus.Authenticated) {

+				// This simulates a network sniffing user who caught the 

+				// authenticating query en route to either the user agent or

+				// the consumer, and tries the same query to the consumer in an

+				// attempt to spoof the identity of the authenticating user.

+				rpRequest = (HttpWebRequest)WebRequest.Create(redirectUrl);

+				rpRequest.AllowAutoRedirect = false;

+				using (HttpWebResponse response = (HttpWebResponse)rpRequest.GetResponse()) {

+					Assert.AreEqual(HttpStatusCode.OK, response.StatusCode); // error message

+				}

+			}

+		}

+

+		[Test]

+		public void Pass_Setup_AutoApproval_20() {

+			Identifier userSuppliedIdentifier = TestSupport.GetMockIdentifier(TestSupport.Scenarios.AutoApproval, ProtocolVersion.V20);

+			Identifier claimedId = userSuppliedIdentifier;

+			parameterizedWebClientTest(userSuppliedIdentifier, AuthenticationRequestMode.Setup, AuthenticationStatus.Authenticated);

+		}

+

+		[Test]

+		public void Fail_Immediate_ApproveOnSetup_20() {

+			Identifier userSuppliedIdentifier = TestSupport.GetMockIdentifier(TestSupport.Scenarios.ApproveOnSetup, ProtocolVersion.V20);

+			Identifier claimedId = userSuppliedIdentifier;

+			parameterizedWebClientTest(userSuppliedIdentifier, AuthenticationRequestMode.Immediate, AuthenticationStatus.Authenticated);

+		}

+	}

+}